Biometric security has come a long way, and traditionally Samsung has been a leader in that space with their hardware being some of the first to get Fingerprint sensors, then Face unlock, a brief period with retina scanning and then lastly in-display fingerprint sensors.
It’s come to light however that the new face recognition in the Galaxy S10 line up can be fooled by a simple video of your face.
Most of us know that face detection for unlocking your device has never been ultra secure, except for in a few cases where the tech included was of a higher standard, like Samsung’s Retina unlock.
Unfortunately, I would suggest that most consumers don’t really know this, and as such their level of security just decreased, the video tells the whole story check it out.
As you can see, all I had to do was point the front-facing camera at my other phone playing a video of myself making funny faces and I was in. I did test it with a still image and that didn’t work for me. Videos with low detail or bad lighting also didn’t work, but I was able to create a working sample on my second run.
Now, to exploit this someone is going to need 1) your phone and 2) a reasonable quality video of your face.
That aside it’s still not great this software got into the public build, especially with Samsung offering Samsung Pass as a way of opting into using face unlock as an actual biometric authentication system for other apps and service.
I can tell you that until we get an official comment from Samsung, I’ve deactivated Samsung Pass, and in fact I’ve turned of face unlock entirely for now.